ansible-roles/apache/templates/evolinux-default.conf.j2
Jérémy Lecour 242c005f6d Fix default web page
* split 80/443
* use modern authorization syntax
* reorganize the VHost file
2017-07-06 17:14:28 +02:00

61 lines
1.7 KiB
Django/Jinja

<VirtualHost *:80>
ServerName {{ ansible_fqdn }}
ServerAdmin webmaster@localhost
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/server-status.*$ [NC]
# RewriteCond %{REQUEST_URI} !^/munin_opcache.php$ [NC]
RewriteRule ^/(.*) https://{{ ansible_fqdn }}/$1 [L,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName {{ ansible_fqdn }}
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
SSLEngine on
SSLCertificateFile /etc/ssl/certs/{{ ansible_fqdn }}.crt
SSLCertificateKeyFile /etc/ssl/private/{{ ansible_fqdn }}.key
# SSLProtocol all -SSLv2 -SSLv3
<Directory /var/www/>
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride None
Include /etc/apache2/private_ipaddr_whitelist.conf
</Directory>
Alias /munin /var/cache/munin/www
<Directory /var/cache/munin/www/>
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride None
Include /etc/apache2/private_ipaddr_whitelist.conf
</Directory>
<Location /munin_opcache.php>
Include /etc/apache2/private_ipaddr_whitelist.conf
</Location>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
</Directory>
ErrorDocument 403 {{ apache_default_redirect_url }}
CustomLog /var/log/apache2/access.log vhost_combined
ErrorLog /var/log/apache2/error.log
LogLevel warn
Alias /phpmyadmin-{{ apache_phpmyadmin_suffix }} /usr/share/phpmyadmin/
IncludeOptional /etc/apache2/conf-available/phpmyadmin*
<Files ~ "\.(inc|bak)$">
deny from all
</Files>
</VirtualHost>